-
1. Re: WS call is returning Status 403 - Access to the requested resource has been denied
asoldano Oct 19, 2012 6:30 AM (in response to fernando.rubbo)For the records, https://issues.jboss.org/browse/AS7-5732 has been created; see comments on resolution there.
-
2. Re: WS call is returning Status 403 - Access to the requested resource has been denied
fernando.rubbo Oct 19, 2012 10:15 AM (in response to asoldano)The solution seems to be a hack, but it works.
In all WS classes, allow only 'user' role:
@DeclareRoles("user")@RolesAllowed("user")
@Stateless
@SecurityDomain("test")
@WebService(name = "HelloSoap", portName = "HelloSoapPort", serviceName = "HelloSoap", targetNamespace = "http://com.test")
@WebContext(contextRoot = "/ws", urlPattern = "/HelloSoap", secureWSDLAccess = false, authMethod = "BASIC", transportGuarantee = "NONE")
public class HelloSoap {...}
In the login module implementation, add in roles the 'user' role.
protected Group[] getRoleSets() throws LoginException {
Group[] roleSets = {new SimpleGroup("Roles"), new SimpleGroup("CallerPrincipal")};
....
roleSets[0].addMember(new SimplePrincipal("user"));
return roleSets;
}
hope it will be fixed in the future.
Thanks